silverstripe/cms Security Advisories for 4.4.2 (5)
-
[HIGH] Silverstripe CMS malicious file upload enables script execution
PKSA-znsz-m7d7-h56t CVE-2020-9309 GHSA-h77w-655f-6j3m
Affected version: <=4.5.0
Reported by:
GitHub -
[MEDIUM] Silverstripe CMS XSS Vulnerability
PKSA-ccyg-wwy5-yyd3 CVE-2020-9311 GHSA-2pw2-qpcp-m47x
Affected version: <=4.5.0
Reported by:
GitHub -
[HIGH] Silverstripe CMS information disclosure
PKSA-56d7-q47d-h34q CVE-2020-6164 GHSA-gm5x-hpmw-xpxg
Affected version: <=4.5.0
Reported by:
GitHub -
[MEDIUM] CVE-2022-37421 - Stored XSS in custom meta tags
PKSA-vfdf-hjn1-7mdt CVE-2022-37421 GHSA-pp74-g2q5-j4jf
Affected version: >=4.0.0,<4.11.3
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[CRITICAL] Missing warning can lead to unauthenticated admin access in SilverStripe
PKSA-7mbq-dxf7-1z4d CVE-2019-12204 GHSA-cg8j-8w52-735v
Affected version: >=4.4.0,<4.4.4
Reported by:
GitHub